Merge pull request #9 from exposedev/feature/cooldown

mpociot · web-flow · commit d8aa15b155a2 · 2025-07-03T14:49:14.000+02:00
Add cooldown feature
diff --git a/app/Connections/ConnectionManager.php b/app/Connections/ConnectionManager.php
@@ -50,6 +50,14 @@ public function limitConnectionLength(ControlConnection $connection, int $maximu
 
         $this->loop->addTimer($maximumConnectionLength * 60, function () use ($connection) {
             $connection->closeWithoutReconnect();
+            
+            // Set cooldown for authenticated users
+            $cooldownPeriod = config('expose-server.connection_cooldown_period', 0);
+            if ($cooldownPeriod > 0 && !empty($connection->authToken)) {
+                $cooldownEndsAt = time() + ($cooldownPeriod * 60);
+                app(\Expose\Server\Contracts\UserRepository::class)->setCooldownForToken($connection->authToken, $cooldownEndsAt);
+                $this->statisticsCollector->cooldownTriggered();
+            }
         });
     }
 
diff --git a/app/Contracts/StatisticsCollector.php b/app/Contracts/StatisticsCollector.php
@@ -10,6 +10,8 @@ public function portShared($authToken = null);
 
     public function incomingRequest();
 
+    public function cooldownTriggered();
+
     public function flush();
 
     public function save();
diff --git a/app/Contracts/UserRepository.php b/app/Contracts/UserRepository.php
@@ -23,4 +23,6 @@ public function deleteUser($id): PromiseInterface;
     public function getUsersByTokens(array $authTokens): PromiseInterface;
 
     public function updateLastSharedAt($id): PromiseInterface;
+
+    public function setCooldownForToken(string $authToken, int $cooldownEndsAt): PromiseInterface;
 }
diff --git a/app/Http/Controllers/Admin/StoreSettingsController.php b/app/Http/Controllers/Admin/StoreSettingsController.php
@@ -29,10 +29,14 @@ public function handle(Request $request, ConnectionInterface $httpConnection)
 
         config()->set('expose-server.maximum_connection_length', $request->get('maximum_connection_length'));
 
+        config()->set('expose-server.connection_cooldown_period', $request->get('connection_cooldown_period'));
+
         config()->set('expose-server.messages.message_of_the_day', Arr::get($messages, 'message_of_the_day'));
 
         config()->set('expose-server.messages.custom_subdomain_unauthorized', Arr::get($messages, 'custom_subdomain_unauthorized'));
 
+        config()->set('expose-server.messages.connection_cooldown_active', Arr::get($messages, 'connection_cooldown_active'));
+
         $httpConnection->send(
             respond_json([
                 'configuration' => $this->configuration,
diff --git a/app/Http/Controllers/ControlMessageController.php b/app/Http/Controllers/ControlMessageController.php
@@ -139,11 +139,16 @@ protected function authenticate(ConnectionInterface $connection, $data)
                 } elseif ($data->type === 'tcp') {
                     $this->handleTcpConnection($connection, $data, $user);
                 }
-            }, function () use ($connection) {
+            }, function ($error) use ($connection) {
+                $message = config('expose-server.messages.invalid_auth_token');
+                if ($error instanceof \Exception) {
+                    $message = $error->getMessage();
+                }
+                
                 $connection->send(json_encode([
                     'event' => 'authenticationFailed',
                     'data' => [
-                        'message' => config('expose-server.messages.invalid_auth_token'),
+                        'message' => $message,
                     ],
                 ]));
                 $connection->close();
@@ -287,8 +292,19 @@ protected function verifyAuthToken(ConnectionInterface $connection): PromiseInte
             ->getUserByToken($authToken)
             ->then(function ($user) use ($deferred) {
                 if (is_null($user)) {
-                    $deferred->reject(new \Exception("Invalid auth token"));
+                    $deferred->reject(new \Exception(config('expose-server.messages.invalid_auth_token')));
                 } else {
+                    // Check if user is in cooldown
+                    if (!empty($user['cooldown_ends_at'])) {
+                        $currentTime = time();
+                        if ($currentTime < $user['cooldown_ends_at']) {
+                            $minutesRemaining = ceil(($user['cooldown_ends_at'] - $currentTime) / 60);
+                            $message = str_replace(':minutes', $minutesRemaining, config('expose-server.messages.connection_cooldown_active'));
+                            $deferred->reject(new \Exception($message));
+                            return;
+                        }
+                    }
+                    
                     $this->userRepository
                         ->updateLastSharedAt($user['id'])
                         ->then(function () use ($deferred, $user) {
diff --git a/app/StatisticsCollector/DatabaseStatisticsCollector.php b/app/StatisticsCollector/DatabaseStatisticsCollector.php
@@ -19,6 +19,9 @@ class DatabaseStatisticsCollector implements StatisticsCollector
     /** @var int */
     protected $requests = 0;
 
+    /** @var int */
+    protected $cooldowns = 0;
+
     public function __construct(DatabaseInterface $database)
     {
         $this->database = $database;
@@ -34,6 +37,7 @@ public function flush()
         $this->sharedPorts = [];
         $this->sharedSites = [];
         $this->requests = 0;
+        $this->cooldowns = 0;
     }
 
     public function siteShared($authToken = null)
@@ -71,6 +75,15 @@ public function incomingRequest()
         $this->requests++;
     }
 
+    public function cooldownTriggered()
+    {
+        if (! $this->shouldCollectStatistics()) {
+            return;
+        }
+
+        $this->cooldowns++;
+    }
+
     public function save()
     {
         $sharedSites = 0;
@@ -84,15 +97,16 @@ public function save()
         });
 
         $this->database->query('
-                    INSERT INTO statistics (timestamp, shared_sites, shared_ports, unique_shared_sites, unique_shared_ports, incoming_requests)
-                    VALUES (:timestamp, :shared_sites, :shared_ports, :unique_shared_sites, :unique_shared_ports, :incoming_requests)
+                    INSERT INTO statistics (timestamp, shared_sites, shared_ports, unique_shared_sites, unique_shared_ports, incoming_requests, cooldown_count)
+                    VALUES (:timestamp, :shared_sites, :shared_ports, :unique_shared_sites, :unique_shared_ports, :incoming_requests, :cooldown_count)
                 ', [
             'timestamp' => today()->toDateString(),
             'shared_sites' => $sharedSites,
             'shared_ports' => $sharedPorts,
             'unique_shared_sites' => count($this->sharedSites),
             'unique_shared_ports' => count($this->sharedPorts),
             'incoming_requests' => $this->requests,
+            'cooldown_count' => $this->cooldowns,
         ])
         ->then(function () {
             $this->flush();
diff --git a/app/StatisticsRepository/DatabaseStatisticsRepository.php b/app/StatisticsRepository/DatabaseStatisticsRepository.php
@@ -29,7 +29,8 @@ public function getStatistics($from, $until): PromiseInterface
                 SUM(shared_ports) as shared_ports,
                 SUM(unique_shared_sites) as unique_shared_sites,
                 SUM(unique_shared_ports) as unique_shared_ports,
-                SUM(incoming_requests) as incoming_requests
+                SUM(incoming_requests) as incoming_requests,
+                SUM(cooldown_count) as cooldown_count
                 FROM statistics
                 WHERE
                 `timestamp` >= "'.$from.'" AND `timestamp` <= "'.$until.'"')
diff --git a/app/UserRepository/DatabaseUserRepository.php b/app/UserRepository/DatabaseUserRepository.php
@@ -106,6 +106,17 @@ protected function getUserDetails(array $user)
         $user['sites'] = $user['auth_token'] !== '' ? $this->connectionManager->getConnectionsForAuthToken($user['auth_token']) : [];
         $user['tcp_connections'] = $user['auth_token'] !== '' ? $this->connectionManager->getTcpConnectionsForAuthToken($user['auth_token']) : [];
 
+        $user['is_in_cooldown'] = false;
+        $user['cooldown_minutes_remaining'] = 0;
+        
+        if (!empty($user['cooldown_ends_at'])) {
+            $currentTime = time();
+            if ($currentTime < $user['cooldown_ends_at']) {
+                $user['is_in_cooldown'] = true;
+                $user['cooldown_minutes_remaining'] = ceil(($user['cooldown_ends_at'] - $currentTime) / 60);
+            }
+        }
+
         return $user;
     }
 
@@ -233,4 +244,20 @@ public function getUsersByTokens(array $authTokens): PromiseInterface
 
         return $deferred->promise();
     }
+
+    public function setCooldownForToken(string $authToken, int $cooldownEndsAt): PromiseInterface
+    {
+        $deferred = new Deferred();
+
+        $this->database
+            ->query('UPDATE users SET cooldown_ends_at = :cooldown_ends_at WHERE auth_token = :token', [
+                'cooldown_ends_at' => $cooldownEndsAt,
+                'token' => $authToken,
+            ])
+            ->then(function (Result $result) use ($deferred) {
+                $deferred->resolve(null);
+            });
+
+        return $deferred->promise();
+    }
 }
diff --git a/config/expose-server.php b/config/expose-server.php
@@ -54,6 +54,18 @@
     */
     'maximum_connection_length' => 0,
 
+    /*
+    |--------------------------------------------------------------------------
+    | Connection Cooldown Period
+    |--------------------------------------------------------------------------
+    |
+    | After a client is disconnected due to reaching the maximum connection
+    | length, they must wait this many minutes before reconnecting.
+    | Set to 0 to disable the cooldown period.
+    |
+    */
+    'connection_cooldown_period' => 0,
+
     /*
     |--------------------------------------------------------------------------
     | Maximum number of open connections
@@ -182,6 +194,7 @@
         'custom_domain_unauthorized' => 'You are not allowed to use this custom domain. If you think this should work, double-check the server setting and try again.',
 
         'maximum_connection_length_reached' => 'You have reached the maximum connection length for this server. Please upgrade to Expose Pro for unlimited connection length.',
+        'connection_cooldown_active' => 'You\'ve used your free session for now. Please wait :cooldown minutes before reconnecting, or upgrade to Expose Pro → https://expose.dev/pro',
     ],
 
     'statistics' => [
diff --git a/database/migrations/10_add_cooldown_ends_at_to_users_table.sql b/database/migrations/10_add_cooldown_ends_at_to_users_table.sql
@@ -0,0 +1 @@
+ALTER TABLE users ADD COLUMN cooldown_ends_at INTEGER DEFAULT NULL;
diff --git a/database/migrations/11_add_cooldown_count_to_statistics_table.sql b/database/migrations/11_add_cooldown_count_to_statistics_table.sql
@@ -0,0 +1 @@
+ALTER TABLE statistics ADD COLUMN cooldown_count INTEGER DEFAULT 0;
diff --git a/tests/Feature/Server/CooldownTest.php b/tests/Feature/Server/CooldownTest.php
@@ -0,0 +1,164 @@
+<?php
+
+namespace Tests\Feature\Server;
+
+use Expose\Server\Factory;
+use React\Http\Browser;
+use Tests\Feature\TestCase;
+
+class CooldownTest extends TestCase
+{
+    /** @var Browser */
+    protected $browser;
+
+    /** @var Factory */
+    protected $serverFactory;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        $this->browser = new Browser($this->loop);
+        $this->browser = $this->browser->withFollowRedirects(false);
+
+        $this->startServer();
+    }
+
+    public function tearDown(): void
+    {
+        $this->serverFactory->getSocket()->close();
+
+        $this->await(\React\Promise\Timer\resolve(0.2, $this->loop));
+
+        parent::tearDown();
+    }
+
+    /** @test */
+    public function it_shows_cooldown_status_in_user_details()
+    {
+        // Create a user
+        $authToken = 'cooldown-test-token';
+        
+        $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
+            'Host' => 'expose.localhost',
+            'Authorization' => base64_encode('username:secret'),
+            'Content-Type' => 'application/json',
+        ], json_encode([
+            'name' => 'Cooldown Test User',
+            'auth_token' => $authToken,
+        ])));
+
+        // Set cooldown for the user (simulate they were disconnected)
+        $cooldownEndsAt = time() + (10 * 60); // 10 minutes from now
+        $userRepo = app(\Expose\Server\Contracts\UserRepository::class);
+        $this->await($userRepo->setCooldownForToken($authToken, $cooldownEndsAt));
+
+        // Get user details
+        $response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users', [
+            'Host' => 'expose.localhost',
+            'Authorization' => base64_encode('username:secret'),
+        ]));
+
+        $body = json_decode($response->getBody()->getContents());
+        $users = $body->paginated->users;
+        
+        $cooldownUser = null;
+        foreach ($users as $user) {
+            if ($user->auth_token === $authToken) {
+                $cooldownUser = $user;
+                break;
+            }
+        }
+
+        $this->assertNotNull($cooldownUser);
+        $this->assertTrue($cooldownUser->is_in_cooldown);
+        $this->assertEquals(10, $cooldownUser->cooldown_minutes_remaining);
+    }
+
+    /** @test */
+    public function it_can_configure_cooldown_period_via_admin_api()
+    {
+        // Get current settings
+        $response = $this->await($this->browser->get('http://127.0.0.1:8080/api/settings', [
+            'Host' => 'expose.localhost',
+            'Authorization' => base64_encode('username:secret'),
+        ]));
+
+        $settings = json_decode($response->getBody()->getContents());
+        
+        // Update cooldown period
+        $response = $this->await($this->browser->post('http://127.0.0.1:8080/api/settings', [
+            'Host' => 'expose.localhost',
+            'Authorization' => base64_encode('username:secret'),
+            'Content-Type' => 'application/json',
+        ], json_encode([
+            'connection_cooldown_period' => 15,
+            'validate_auth_tokens' => $settings->configuration->validate_auth_tokens,
+            'maximum_connection_length' => $settings->configuration->maximum_connection_length,
+            'messages' => [
+                'invalid_auth_token' => $settings->configuration->messages->invalid_auth_token,
+                'subdomain_taken' => $settings->configuration->messages->subdomain_taken,
+                'message_of_the_day' => $settings->configuration->messages->message_of_the_day,
+                'custom_subdomain_unauthorized' => $settings->configuration->messages->custom_subdomain_unauthorized,
+                'connection_cooldown_active' => 'You must wait before reconnecting. Cooldown period expires in :minutes minutes.',
+            ],
+        ])));
+
+        $updatedSettings = json_decode($response->getBody()->getContents());
+        
+        $this->assertEquals(15, $updatedSettings->configuration->connection_cooldown_period);
+        $this->assertStringContainsString(':minutes', $updatedSettings->configuration->messages->connection_cooldown_active);
+    }
+
+    /** @test */
+    public function it_shows_no_cooldown_for_users_without_cooldown()
+    {
+        // Create a user without cooldown
+        $authToken = 'no-cooldown-user-token';
+        
+        $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
+            'Host' => 'expose.localhost',
+            'Authorization' => base64_encode('username:secret'),
+            'Content-Type' => 'application/json',
+        ], json_encode([
+            'name' => 'Regular User',
+            'auth_token' => $authToken,
+        ])));
+
+        // Get user details
+        $response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users', [
+            'Host' => 'expose.localhost',
+            'Authorization' => base64_encode('username:secret'),
+        ]));
+
+        $body = json_decode($response->getBody()->getContents());
+        $users = $body->paginated->users;
+        
+        $regularUser = null;
+        foreach ($users as $user) {
+            if ($user->auth_token === $authToken) {
+                $regularUser = $user;
+                break;
+            }
+        }
+
+        $this->assertNotNull($regularUser);
+        $this->assertFalse($regularUser->is_in_cooldown);
+        $this->assertEquals(0, $regularUser->cooldown_minutes_remaining);
+    }
+
+    protected function startServer()
+    {
+        $this->app['config']['expose-server.subdomain'] = 'expose';
+        $this->app['config']['expose-server.database'] = ':memory:';
+
+        $this->app['config']['expose-server.users'] = [
+            'username' => 'secret',
+        ];
+
+        $this->serverFactory = new Factory();
+
+        $this->serverFactory->setLoop($this->loop)
+            ->createServer();
+    }
+}
diff --git a/tests/Feature/Server/TunnelTest.php b/tests/Feature/Server/TunnelTest.php

Original file line number	Diff line number	Diff line change
`@@ -23,4 +23,6 @@ public function deleteUser($id): PromiseInterface;`
`23`	`23`	`public function getUsersByTokens(array $authTokens): PromiseInterface;`
`24`	`24`
`25`	`25`	`public function updateLastSharedAt($id): PromiseInterface;`
	`26`	`+`
	`27`	`+ public function setCooldownForToken(string $authToken, int $cooldownEndsAt): PromiseInterface;`
`26`	`28`	`}`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+ALTER TABLE users ADD COLUMN cooldown_ends_at INTEGER DEFAULT NULL;`